Hardly a week goes by of late without the news of a new vulnerability or a new breach somewhere. Attackers these days are somewhat indiscriminate. They'll attack you in the cloud, in the data center or both. The goal is not always to extract profitable data, but exfiltrate data that can be used to extract profitable data from some other app. Everything is connected to everything else these days, after all, and obtaining customer credentials for a cloud-based marketing app may net the bad guys access to an on-premise app that can ultimately be the point of injection for malicious code that opens the door to the network.
The reality of today is that you should assume you are always under attack, because you probably are. I can visit the log of my home office router right now, and I guarantee I will find a variety of attacks that have been successfully detected and rejected. Any organization that tells you they don't detect and reject thousands of attempted attacks a day is probably lying.
The question is not if an attack will be successful, but when and how much damage it will do. The key to mitigating a successful attack is to have a process to follow when it happens, because eventually it will.
Talking with cloud notable leaders this past week, the conversation turned to the increasing number of organizations that are carefully weighing the cost of investing in security solutions versus the benefits of having a well-defined breach response process in place. Many are moving to focusing on the response process.
They see the writing on the wall. No one is really safe anymore. Attacks are constant, and even a blind squirrel will find a nut once in a while. Orphaned accounts, social engineering, web platform vulnerabilities and a lack of robust security services available to cloud-hosted applications only serve to increase the risk and reinforce the need to have a well-defined security response process in place. Especially with the constant migration of applications to the cloud.
A recent Tata Consulting survey on the state of cloud application adoption
Do you work under the assumption that you're always under the attack? Are you forthcoming with the number of attacks hitting your organizations?